I'm trying to define a systemd mount using cloud-config.yml so that CoreOS mounts a kerberized file system at startup.
The filesystem provider has handed me the krb5.conf and krb5.keytab which I write to /etc folder using write_files section of cloud-config.yml.
This is my mount specification:
- name: mnt-backup.mount
enable: true
content: |
[Mount]
What=vid52590.nas1.lan:/vid52590
Where=/mnt/backup
Options=sec=krb5
Type=nfs
[Install]
WantedBy=multi-user.target
When the system tries to mount the nfs filesystem I get the following message though journalctl:
Sep 12 16:30:40 backend systemd[1]: Mounting /mnt/backup...
Sep 12 16:30:40 backend systemd[1]: mnt-backup.mount: Mount process exited, code=exited status=32
Sep 12 16:30:40 backend systemd[1]: Failed to mount /mnt/backup.
Sep 12 16:30:40 backend systemd[1]: mnt-backup.mount: Unit entered failed state.
I have tried issuing the command on the console like so:
sudo mount -o sec=krb5 vid52590.nas1.lan:/vid52590 /mnt/backup
Getting the following error:
mount.nfs: access denied by server while mounting vid52590.nas1.lan:/vid52590
I have double checked that the krb5.keytab has been properly written byte by byte.
Any idea on how to troubleshoot this config? Thanks in advance!
When running:
kinit -kt /etc/krb5.keytab <principal>
The command returns but no response is shown. If I use an inexistent principal it says:
kinit: Keytab contains no suitable keys for <invalid_pricipal> while getting initial credentials
